User Tracking

Results 1 to 3 of 3

Thread: User Tracking

  1. #1
    Cameron Epp Guest

    Default User Tracking

    I want to be able to authenticate users into an NT user account (probably by using basic authentication over SSL) and then pull information about them (FirstName, LastName, etc.), from a database table based on their login ID without using two seperate logins (one for NT, one for the database). Has anyone done this or seen it done, and how/where? thanks a lot, Cam

  2. #2
    Jason Miller Guest

    Default RE: User Tracking

    Forewarning: Keeping the integrity of user information will be an official pain in the butt. That said...<BR><BR>Here&#039s what you need:<BR><BR>1 Script (Login.asp) with Basic Authentication enabled, allow anonymous disabled, and all anonymous groups removed from the ACL. You&#039ll also need a database of user info, primary-keyed to the users&#039 logins.<BR><BR>Code looks kind of like this:<BR><BR> strUser = replace(request.serverVariables("AUTH_USER"), "/", "\")<BR> connectDB()<BR> set myRS = viewRecords("UserData", "lCase(login) = &#039" & lCase(strUser) & "&#039")<BR> if not myRS.eof then <BR> response.cookies("NSD.User") = myRS("login")<BR> else<BR> response.write "Warning: User Information Not Found."<BR> end if<BR> myRS.close<BR> set myRS = nothing<BR><BR>What just happened: A user logged in ("myDomain/JohnDoe"). My database expects that domain splits are , not /, hence the Replace line. We used a primative (and rather slow) database handler to retrieve all records where the Login was my users&#039 Login. We should have One record, from which we assign the official cookie of being (though we could probably go back to the AUTH_USER every time, a cookie is more forgiving and better defined). If we don&#039t have a record, we toss our cookies (sorry, had to be said).<BR><BR>This works for my configuration which hasn&#039t been very altered. It might rely on a session state, I don&#039t think I disabled them anywhere. It doesn&#039t rely on any explicit session variables, I didn&#039t set them anywhere. If you want to really ensure that your user can log in, get SA-Admin or SA-FileManager and use the .login features of those, given username and password from Basic Authentication. I&#039ve never seen this sort of authentication time out (even overnight); client closing the browser (entirely) detaches the user object. Once again, this might be because I don&#039t know what my session settings are -- but I think it&#039s just a freaky feature.<BR><BR>HiH

  3. #3
    Cameron Epp Guest

    Default RE: User Tracking

    thanks a lot, that&#039s exactly what i needed :)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts